Subject: Minutes 23 September 2010 TC Meeting
I. Roll Call Voting Members Hal Lockhart (Chair) Bill Parducci (Co-Chair, minutes) Erik Rissanen Paul Tyson Gareth Richards Sridhar Muppidi Anthony Nadalin Rich Levinson John Tolbert Non-Voting Anil Saldhana Jan Herrmann Quorum met: (63% per Kavi) II. Administrivia Approve Minutes: 9 Sep 2010 TC Meeting: http://lists.oasis-open.org/archives/xacml/201009/msg00003.html APPROVED unanimously Identity Management 2010 Identity Management 2010 meeting will be held 27-28 September in Washington, DC USA http://events.oasis-open.org/home/IDM/2010 BrightTALK Authentication Summit Oct 7th Speakers interested in speaking on XACML are invited to contact Dee Schur at Oasis. For more information: http://lists.oasis-open.org/archives/xacml/201009/msg00008.html III. XACML v3.0 Status All 8 specs have been promoted to Committee Specification status. The documents may be found: http://docs.oasis-open.org/xacml/3.0/ IV Issues Obligations satisfied by PEP? The TC discussed Jan's solution for resolving obligations. There is general agreement by the TC that this solution is compliant with the current definition of a PEP/Context Handler. Privacy Workshop Paul discussed how XACML TC might be able to contribute to IAB workshop on "How can Technology help to improve Privacy on the Internet?" TC members are encouraged to take explore: http://www.iab.org/about/workshops/privacy/). Risk Adaptive Control John offered that it would be interesting to develop a Profile to explore solving this. He felt that this could be done without changes to the Core specification. Hal noted that without a specific scheme of attributes and values a Profile would be difficult. Paul noted that an attribute based solution remains unbounded in definition. Gareth offered that risk assessment can be calculated based upon other attributes. He questioned if XACML can compute this. Hal offered that the current working assumption if that this information would be precomputed and provided to the PDP. Policy Distribution Protocol Hal created the term "cohort" to refer a set of Policies intended to be evaluated/enforced at the same time. Semantic Web Profile Paul informed the TC that he and David Staggs are working on Profile for the "semantic web" that is based upon the XACML RDF discussion on the TC wiki. They may have something to discuss in more detail at the next TC meeting. Next meeting will be held on 7 October. meeting adjourned.